* . *
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Tuesday, June 3, 2025
Earth-News
  • Home
  • Business
  • Entertainment
    Entertainment-Focused Narrative and Culture Change Practice – New America

    Transforming Culture Through Engaging Entertainment Narratives

    Rising stars: Young classical musicians surging on social media – Yahoo

    Meet the Next Generation of Classical Music Sensations Making Waves on Social Media!

    Devin Harjes Dies: ‘Manifest’ & ‘Boardwalk Empire’ Actor Was 41 – WyomingNews.com

    Tragic Loss: Devin Harjes, Star of ‘Manifest’ and ‘Boardwalk Empire,’ Passes Away at 41

    Why Starz Entertainment Stock Soared Today – The Motley Fool

    Unpacking the Surge: What Fueled Starz Entertainment’s Stock Explosion Today!

    Unveiling the Enigmatic: First Looks at Destruction and Puck in ‘The Sandman

    Jackie Chan Reveals This Family Member ‘Never Watched’ The Whole Of Any Of His Movies – Yahoo

    Jackie Chan Reveals This Family Member ‘Never Watched’ The Whole Of Any Of His Movies – Yahoo

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    AI for lawyers: Win back your time using technology – nationaljurist.com

    Reclaim Your Time: How AI is Transforming the Legal Profession

    Prosecutors accuse men of exporting U.S. military technology to China – Milwaukee Journal Sentinel

    Men Charged with Illegally Exporting U.S. Military Technology to China

    ROLAND’S NEW WIRELESS TRIGGER TECHNOLOGY, PORTER & DAVIES ON TOUR, NEW 64 AUDIO ASPIRE UNIVERSAL IEM MODELS, WAVES FREE PLUGIN PACK – Modern Drummer Magazine

    ROLAND’S NEW WIRELESS TRIGGER TECHNOLOGY, PORTER & DAVIES ON TOUR, NEW 64 AUDIO ASPIRE UNIVERSAL IEM MODELS, WAVES FREE PLUGIN PACK – Modern Drummer Magazine

    This giant microwave may change the future of war – MIT Technology Review

    Revolutionizing Warfare: The Impact of a Game-Changing Giant Microwave

    Bajeed Pattan Joins Forbes Technology Council as Innovation Leader – PRWeb

    Bajeed Pattan Takes the Helm as Innovation Leader at Forbes Technology Council!

    Lafayette Regional Technology Council – Tech Leadership That’s Homegrown and Future-Focused – Discover Lafayette

    Lafayette Regional Technology Council – Tech Leadership That’s Homegrown and Future-Focused – Discover Lafayette

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
  • Home
  • Business
  • Entertainment
    Entertainment-Focused Narrative and Culture Change Practice – New America

    Transforming Culture Through Engaging Entertainment Narratives

    Rising stars: Young classical musicians surging on social media – Yahoo

    Meet the Next Generation of Classical Music Sensations Making Waves on Social Media!

    Devin Harjes Dies: ‘Manifest’ & ‘Boardwalk Empire’ Actor Was 41 – WyomingNews.com

    Tragic Loss: Devin Harjes, Star of ‘Manifest’ and ‘Boardwalk Empire,’ Passes Away at 41

    Why Starz Entertainment Stock Soared Today – The Motley Fool

    Unpacking the Surge: What Fueled Starz Entertainment’s Stock Explosion Today!

    Unveiling the Enigmatic: First Looks at Destruction and Puck in ‘The Sandman

    Jackie Chan Reveals This Family Member ‘Never Watched’ The Whole Of Any Of His Movies – Yahoo

    Jackie Chan Reveals This Family Member ‘Never Watched’ The Whole Of Any Of His Movies – Yahoo

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    AI for lawyers: Win back your time using technology – nationaljurist.com

    Reclaim Your Time: How AI is Transforming the Legal Profession

    Prosecutors accuse men of exporting U.S. military technology to China – Milwaukee Journal Sentinel

    Men Charged with Illegally Exporting U.S. Military Technology to China

    ROLAND’S NEW WIRELESS TRIGGER TECHNOLOGY, PORTER & DAVIES ON TOUR, NEW 64 AUDIO ASPIRE UNIVERSAL IEM MODELS, WAVES FREE PLUGIN PACK – Modern Drummer Magazine

    ROLAND’S NEW WIRELESS TRIGGER TECHNOLOGY, PORTER & DAVIES ON TOUR, NEW 64 AUDIO ASPIRE UNIVERSAL IEM MODELS, WAVES FREE PLUGIN PACK – Modern Drummer Magazine

    This giant microwave may change the future of war – MIT Technology Review

    Revolutionizing Warfare: The Impact of a Game-Changing Giant Microwave

    Bajeed Pattan Joins Forbes Technology Council as Innovation Leader – PRWeb

    Bajeed Pattan Takes the Helm as Innovation Leader at Forbes Technology Council!

    Lafayette Regional Technology Council – Tech Leadership That’s Homegrown and Future-Focused – Discover Lafayette

    Lafayette Regional Technology Council – Tech Leadership That’s Homegrown and Future-Focused – Discover Lafayette

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
Earth-News
No Result
View All Result
Home Technology

Crowdstrike causes the largest IT outage in history, massive questions about testing regime

July 20, 2024
in Technology
Crowdstrike causes the largest IT outage in history, massive questions about testing regime
Share on FacebookShare on Twitter

Yesterday was one of the craziest days in IT, if you know an IT Administrator, best to give them a hug, they probably need one.

CrowdStrike is an American cybersecurity company that provides endpoint security software, used by more than 20,000 companies and is installed on millions of PCs.

Yesterday the company released an update to their security software which included a bug that caused a virtually instantaneous Blue Screen of Death (BSOD) on Windows PCs. Once machines were in this state, they would reboot and the user would again see a BSOD.

At around 4PM Australian time on Friday 19th July, 2024, the issue began being reported as a Microsoft outage, which then after further investigation was understood to be an issue caused by Crowdstrike.

The world has never seen an impact of this scale before and thankfully it turned out to not be malicious. The outages caused by CrowdStrike included:

Travel chaos: Thousands of flights were cancelled or delayed worldwide, causing significant disruptions for travellers and airlines during the peak summer season.

Business interruptions: Many businesses and government agencies experienced operational disruptions, affecting productivity and service delivery. This included banks, hospitals, emergency services, and media companies.

Economic impact: Some businesses were forced to close, losing revenue, while others lost productivity as employees were unable to work. The outage undoubtedly caused financial losses for affected businesses, particularly in the travel and service sectors. CrowdStrike itself lost Billions of dollars from its Market Cap overnight as a result of the issue.

Public inconvenience: Many individuals were inconvenienced by the disruption of essential services, such as online banking, hospital systems, and emergency communication channels.

I covered the issue on X for more than 5 hrs yesterday and this post from Sydney Airport with the flight information displays all showing BSODs has now accumulated more than 840,000 Views.

So what happened?

Zach Vorhies (@Perpetualmaniac) does a great job of detailing the root cause of the issue. Crowdstrike’s code in the new update attempted to call a invalid memory address – 0x9c which Microsoft in turn, immediately terminated the application and in turn took down the whole Operating System.

It’s important to remember that security software is installed that establishes a trust relationship the vendor. Given the nature of viruses / exploits will attempt to change low-level system files that windows requires to run, we have to trust a security product enough to provide high-level access to system files in order to scan them for malicious activity.

This access is provided in order to protect the machine and the ongoing task of protecting a machine requires updates to respond to new exploits and vulnerabilities found in the wild. This means the update process that caused yesterday’s issue is completely necessary and valid and done by many security products (including Microsoft’s own defender).

What we expect from security vendors that have this high-level access to critical files (and access to memory) is that they thoroughly test their code before it gets anywhere near a customer machine.

When programmers write code to address the memory, they have a responsibility to check for null values and when the code made an invalid attempt to address that region of the computer’s memory, it happened to collide with the space reserved for System Drivers (allowing hardware and software to talk to one another).

Given driver’s have privileged access to the computer, the operating system was forced to crash immediately, causing in the end-user symptom of a BSOD. Generally computers can recover with a simple reboot, but that wasn’t the case here.

Crowdstrike Analysis:

It was a NULL pointer from the memory unsafe C++ language.

Since I am a professional C++ programmer, let me decode this stack trace dump for you. pic.twitter.com/uUkXB2A8rm

— Zach Vorhies / Google Whistleblower (@Perpetualmaniac) July 19, 2024

Why is this bad?

This is an invalid region of memory for any program. Any program that tries to read from this region WILL IMMEDIATELY GET KILLED BY WINDOWS.

That is what you see here with this stack dump.

— Zach Vorhies / Google Whistleblower (@Perpetualmaniac) July 19, 2024

This is what is causing the blue screen of death. A computer can recover from a crash in non-privileged code by simply terminating the program, but not a system driver. When your computer crashes, 95% of the time it’s because it’s a crash in the system drivers.

— Zach Vorhies / Google Whistleblower (@Perpetualmaniac) July 19, 2024

How is this resolved?

Having broken much of the world, CrowdStrike eventually issued a public statement (Available here), hours after the finger was firmly pointed at them. The George Kurtz, the CEO CrowdStrike is now on an apology tour, which will not do much to mitigate the global outrage at the company.

For those companies that use CrowdStrike and had the update propagate through their devices, they needed to do the following steps to remove the bad update.

The fix seems easy enough with just 4 steps to work around it, but the reality was very different.

Step 1 was to Boot Windows into Safe Mode. At home, you’ll have a decent chance of doing this, but enterprise-deployed devices will not allow regular users to do this.

Most business machines (and hopefully personal machines) will use Bitlocker driver encryption so that if a machine is lost or stolen, the data on the drive can’t be read without a credential or Bitlocker key that was generated at the time the drive was encrypted. When IT Admins deploy Bitlocker, they are responsible for storing this key and while they may have access to it, end-users do not.

The other massive factor here is a logistic one. Jumping into safe mode, almost always means access to the physical machine, so those Admins (or 3rd party IT service providers) need to go to each machine with a different 25-character code to enter safe mode.

Steps 2-4 are simple once you overcome the first step.

The above workaround would get a machine back up and running and as the cause and workaround were identified, system recovery began.

While this hit on Friday afternoon for Australia, there were plenty of machines that were waking up and getting the machine as the time zones rolled around the world.

CrowdStrike identified the issue and pulled the update from deployment to stop the bleeding. Their next task was to deploy a new update to resolve what they were trying to address with the first one. This took place and any new machines getting updates from CrowdStrike would not be impacted.

What an insane, wild ride that was.

What is this prevented in the future?

As I said before, this access is required by security products to keep your machine safe and deployments of security products is common in enterprise to guard against security attacks from motivated actors.

This means simply uninstalling CrowdStrike, or banning them from updates is not the solution.

The fix going forward will certainly be far more rigorous testing regimes at CrowdStrike (and other AV vendors). Not only was the bad code written, but we expect it passed automated testing/validation and that was enough to get out the door.

Software of this importance, with this level of access, really needs to go through phased rollouts, small groups first, then over time with success, and an acceptable amount of issues/feedback (hopefully zero), then it could progress to the next stage of rollout.

As Microsoft does with their Windows Insider Release Rings, this would allow the issue to be found and addressed when it’s only on a small number of machines and we could have avoided anything like what we seen yesterday.

Microsoft should also consider what they allow on Windows too. While backing up the machine constantly for a roll-back point isn’t always practical, a machine should be able to roll back defective drivers with a reboot if they have a bug like this.

Let us know in the comments how you were impacted by #Cloudstrike

>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : TechAU – https://techau.com.au/crowdstrike-causes-the-largest-it-outage-in-history-massive-questions-about-testing-regime/

Tags: causesCrowdStriketechnology
Previous Post

CrowdStrike Outage Disrupts Microsoft Systems Worldwide

Next Post

Manchester City uses Fortnite to expand its global audience

Fed’s Logan: The US economy remains resilient – FXStreet

Fed’s Logan: The US economy remains resilient – FXStreet

June 3, 2025
Entertainment-Focused Narrative and Culture Change Practice – New America

Transforming Culture Through Engaging Entertainment Narratives

June 3, 2025
NC lawmakers target pharmacy “middlemen” in proposed reforms – North Carolina Health News

NC Lawmakers Take Aim at Pharmacy Middlemen with Bold Reform Proposals

June 3, 2025
If we want better political representation, let’s stop voting straight ticket in Indiana – Indiana Capital Chronicle

Break the Mold: Why Ditching Straight Ticket Voting in Indiana Can Transform Political Representation

June 3, 2025
AI for lawyers: Win back your time using technology – nationaljurist.com

Reclaim Your Time: How AI is Transforming the Legal Profession

June 3, 2025
LeBron James details his gripes with the current state of youth sports: ‘A lot of kids burn the hell out’ – CBS Sports

LeBron James Opens Up About the Challenges Facing Youth Sports: “So Many Kids Are Burning Out

June 2, 2025
Restoration cannot be scaled up globally to save reefs from loss and degradation – Nature

Reviving Our Reefs: The Challenge of Scaling Up Restoration Efforts Globally

June 2, 2025
Attorney General Bonta Sues to Stop Termination, Withholding of National Science Foundation Grants – State of California – Department of Justice (.gov)

Attorney General Bonta Takes Action to Protect National Science Foundation Grants

June 2, 2025
Exclusive: US veterans agency orders scientists not to publish in journals without clearance – The Guardian

US Veterans Agency Imposes New Restrictions on Scientific Publishing

June 2, 2025
Upper Allen Township launches new initiative to encourage a more active lifestyle – fox43.com

Upper Allen Township launches new initiative to encourage a more active lifestyle – fox43.com

June 2, 2025

Categories

Archives

June 2025
MTWTFSS
 1
2345678
9101112131415
16171819202122
23242526272829
30 
« May    
Earth-News.info

The Earth News is an independent English-language daily published Website from all around the World News

Browse by Category

  • Business (20,132)
  • Ecology (660)
  • Economy (675)
  • Entertainment (21,581)
  • General (15,257)
  • Health (9,718)
  • Lifestyle (677)
  • News (22,149)
  • People (676)
  • Politics (684)
  • Science (15,895)
  • Sports (21,180)
  • Technology (15,662)
  • World (662)

Recent News

Fed’s Logan: The US economy remains resilient – FXStreet

Fed’s Logan: The US economy remains resilient – FXStreet

June 3, 2025
Entertainment-Focused Narrative and Culture Change Practice – New America

Transforming Culture Through Engaging Entertainment Narratives

June 3, 2025
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

Go to mobile version